Compliance & Trust Lead

Job not on LinkedIn

🔥 0 minutes ago

🇺🇸 United States – Remote

⏰ Full Time

🟠 Senior

🚔 Compliance

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Linear

WebsiteLinkedInAll Job Openings

11 - 50 employees

At Linear we believe software can feel magical. Quality of software is driven by both the talent of its creators and how they feel while they’re crafting it.

📋 Description

• Operate and extend Linear's compliance program end-to-end — maintain and mature our SOC 2 Type II, ISO 27001, and other relevant certifications (roadmap: ISO 27701, ISO 42001) while keeping audit overhead low and evidence collection as automated as possible • Be the primary point of contact for security questionnaires, customer trust reviews, and enterprise procurement conversations — turn what's often a bottleneck into a competitive advantage • Run our risk management program — identify emerging risks across the product, infrastructure, and vendor landscape, drive remediation with the right owners, and surface clear signal to leadership • Partner closely with engineering to embed compliance controls into how we build — shape policy and tooling so security requirements land early in the development process, not as a retrofit • Manage our third-party risk program — evaluate vendors and subprocessors, maintain our inventory, and ensure our supply chain meets the bar we hold ourselves to on both security and privacy • Help scale the GRC function with automation — reduce manual toil, build durable processes, and ensure the program grows with the business without linearly growing headcount

🎯 Requirements

• A seasoned GRC practitioner — you have 7+ years in compliance and customer trust, ideally in a B2B SaaS or developer tools environment, and you've seen enough audit cycles to know where the sharp edges are • Framework-fluent and privacy-aware — you have deep hands-on experience with SOC 2 and ISO 27001, understand how privacy regulations like GDPR and CCPA intersect with security controls, and can reason about new frameworks from first principles • A builder, not just an operator — you see manual compliance work as a problem to be designed away, default to scalable processes over manual workflows, have used tools like Vanta, Drata, or similar platforms to do it • A trusted partner, internally and externally — you work fluidly with engineering, legal, and customers alike; you can explain a control design to a skeptical customer, draft a crisp policy, and write a risk summary leadership will actually read • Autonomy-oriented — you're comfortable operating with significant independence, setting your own priorities, and knowing when to loop in leadership, without needing to be managed closely • Pragmatic over procedural — you optimize for reducing real risk, not checking boxes, and you know the difference

🏖️ Benefits

• Competitive salary and equity • Employee-friendly equity terms including early exercise in the US and extended exercise windows • Daily meal and coffee stipend on every workday • Paid co-working space or desk • Health coverage (based on country requirements) • 5 weeks paid vacation, plus local statutory holidays • 4 months paid parental leave • Paid month off after 4 years & every 2 years thereafter • Regular team events and off-sites • Remote-first with no required commute